Rule Category

OS-OTHER -- Snort has detected traffic targeting vulnerabilities in a non-standard operating system (not Windows, Linux, Solaris, or mobile). This does not include browser traffic or other software on the OS, but attacks against the OS itself. (such as?)

Alert Message

OS-OTHER Intel x64 side-channel analysis information leak attempt

Rule Explanation

This event is generated when an x86 side-channel analysis information leak is detected. Impact: Attempted Information Leak Details: Ease of Attack:

What To Look For

Known Usage

No public information

False Positives

No known false positives

Contributors

Cisco Talos Intelligence Group

MITRE ATT&CK Framework

Tactic:

Technique:

For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org

CVE

Rule Vulnerability

CVE Additional Information

CVE-2017-5715
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Details
Severity Base Score5.6
Impact Score4.0 Exploit Score1.1
Confidentiality ImpactHIGH Integrity ImpactNONE
Availability ImpactNONE Access Vector
Authentication Ease of Access
CVE-2017-5753
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Details
Severity Base Score5.6
Impact Score4.0 Exploit Score1.1
Confidentiality ImpactHIGH Integrity ImpactNONE
Availability ImpactNONE Access Vector
Authentication Ease of Access
CVE-2017-5754
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.
Details
Severity Base Score5.6
Impact Score4.0 Exploit Score1.1
Confidentiality ImpactHIGH Integrity ImpactNONE
Availability ImpactNONE Access Vector
Authentication Ease of Access